Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
File: 304afa07-08cf-4abd-b55e-949deeea1591.roa (raw, json)
Hash identifier: 6Xs2X+YkyWDDyXCRhE4erBpl5ubkcWZIAgm/+vgUAug=
Subject key identifier: 42:E3:D5:85:64:91:A4:FA:22:68:6C:0D:C8:F9:F3:6D:67:67:14:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 722C49C2A81A2EBEDAC7CE0201D9BE86F0CF6D9F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
Signing time: Mon 09 Jun 2025 19:20:12 +0000
ROA not before: Mon 09 Jun 2025 19:20:12 +0000
ROA not after: Mon 14 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:5000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:2c:49:c2:a8:1a:2e:be:da:c7:ce:02:01:d9:be:86:f0:cf:6d:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 9 19:20:12 2025 GMT
Not After : Jul 14 23:59:59 2025 GMT
Subject: serialNumber=785d14ba53e582b544e63e3576b717c40b17d3970b37b92e2123547253eeeb6b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:38:a5:a2:55:58:b5:63:63:a7:57:b2:52:8d:
28:a8:c0:0a:61:19:d0:12:63:24:af:b4:ae:d6:c6:
d3:8e:d5:56:73:94:f6:d0:2e:de:e2:a5:f8:69:a0:
0a:d3:ae:bd:56:76:1b:2b:ff:80:a0:19:fc:24:06:
23:5c:cb:23:c3:0b:60:b9:dd:67:e9:eb:e6:7c:67:
13:d0:86:c3:02:c2:a5:c9:1b:fa:cc:fa:7b:e9:df:
64:e8:c7:58:a1:9b:4f:31:29:3c:54:87:89:69:3a:
79:d1:fe:8a:21:d1:fa:c8:58:90:75:bd:cb:99:b9:
9d:4e:22:a7:02:b9:e4:46:9e:2f:a8:4f:3b:ce:e7:
78:00:c5:85:d9:69:69:23:b6:ad:6f:7e:c8:fd:e7:
63:63:f8:67:3d:95:81:5c:40:44:d6:ba:3e:1f:79:
c1:db:34:86:94:9e:75:21:5c:c3:4c:87:3a:e8:64:
38:09:37:76:19:27:00:6c:42:2a:f2:db:e1:a6:24:
66:d7:19:84:88:24:82:26:f1:79:e4:c1:01:e4:a8:
0b:9d:d9:d7:a8:91:ec:13:cc:58:7f:40:d1:16:6a:
d7:3c:c1:0e:4b:88:62:0e:cf:35:a6:f6:d3:89:3e:
8c:cb:3f:d6:f2:01:6e:e8:bf:cd:06:e0:b9:f2:ee:
66:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E3:D5:85:64:91:A4:FA:22:68:6C:0D:C8:F9:F3:6D:67:67:14:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/304afa07-08cf-4abd-b55e-949deeea1591.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:5000::/40
Signature Algorithm: sha256WithRSAEncryption
79:2f:4a:98:23:c6:d2:64:8c:22:27:ab:46:2b:06:55:b1:e7:
79:de:c3:85:a2:a8:e2:9d:6f:09:77:9f:4c:87:d8:54:71:8b:
89:e5:fd:f7:84:75:3e:47:75:90:b1:38:b8:32:39:1f:67:29:
76:f4:69:01:4d:7b:9d:4c:42:3f:66:75:6a:6e:42:30:e8:fc:
e3:ce:5d:70:6e:c9:2d:59:02:91:22:9e:f1:d8:43:1e:fd:8e:
fe:b7:7b:18:2f:83:88:50:0c:24:cf:df:9e:78:9d:97:58:7a:
6f:71:33:a4:19:da:55:64:48:e8:7f:7f:77:15:3d:40:05:10:
6f:b0:50:75:38:ab:42:ac:21:af:7f:93:1a:12:b8:1e:14:d6:
a1:89:4a:c8:d7:4e:84:e7:99:31:13:29:06:59:a2:a4:e3:da:
d9:e9:62:50:8e:46:be:cd:a8:b5:d9:af:2b:cf:10:bc:a3:e5:
66:a8:17:97:ee:62:af:e6:f6:c8:5f:17:f2:9d:5f:fa:9b:ae:
65:08:8b:3c:0d:f4:ce:a2:07:ef:71:dd:f2:fb:8f:34:8f:e1:
ba:50:45:2f:6d:8c:cb:bf:ad:91:45:be:5d:6a:ea:44:be:8d:
d5:c9:71:8e:30:11:4d:18:f8:c4:69:a9:c9:38:97:a1:76:81:
f3:8b:d5:89
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcixJwqgaLr7ax84CAdm+hvDPbZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MDkxOTIwMTJaFw0yNTA3MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4NWQxNGJhNTNlNTgyYjU0NGU2M2UzNTc2YjcxN2M0MGIxN2QzOTcwYjM3
YjkyZTIxMjM1NDcyNTNlZWViNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALc4paJVWLVjY6dXslKNKKjACmEZ0BJjJK+0rtbG047VVnOU9tAu3uKl+Gmg
CtOuvVZ2Gyv/gKAZ/CQGI1zLI8MLYLndZ+nr5nxnE9CGwwLCpckb+sz6e+nfZOjH
WKGbTzEpPFSHiWk6edH+iiHR+shYkHW9y5m5nU4ipwK55EaeL6hPO87neADFhdlp
aSO2rW9+yP3nY2P4Zz2VgVxARNa6Ph95wds0hpSedSFcw0yHOuhkOAk3dhknAGxC
KvLb4aYkZtcZhIgkgibxeeTBAeSoC53Z16iR7BPMWH9A0RZq1zzBDkuIYg7PNab2
04k+jMs/1vIBbui/zQbgufLuZtUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRC49WF
ZJGk+iJobA3I+fNtZ2cU9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzA0YWZhMDctMDhjZi00YWJkLWI1NWUtOTQ5ZGVlZWExNTkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB5L0qYI8bSZIwiJ6tGKwZVsed53sOFoqjinW8J
d59Mh9hUcYuJ5f33hHU+R3WQsTi4MjkfZyl29GkBTXudTEI/ZnVqbkIw6Pzjzl1w
bsktWQKRIp7x2EMe/Y7+t3sYL4OIUAwkz9+eeJ2XWHpvcTOkGdpVZEjof393FT1A
BRBvsFB1OKtCrCGvf5MaErgeFNahiUrI106E55kxEykGWaKk49rZ6WJQjka+zai1
2a8rzxC8o+VmqBeX7mKv5vbIXxfynV/6m65lCIs8DfTOogfvcd3y+480j+G6UEUv
bYzLv62RRb5daupEvo3VyXGOMBFNGPjEaanJOJehdoHzi9WJ
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:39:17 2025 by rpki-client